'use strict';

const Controller = require('egg').Controller;

class RouteController extends Controller {
  // 获取用户的所有路线
  async index() {
    const { ctx, service } = this;
    const { userId } = ctx.query;

    // 兼容从 headers 中读取 token 或 authorization
    const token = ctx.request.headers.token || ctx.request.headers.authorization || '';
    const tokenData = service.auth.verifyToken(token);
    if (!tokenData) {
      ctx.status = 401;
      ctx.body = { success: false, message: '未登录或token无效' };
      return;
    }

    // 如果带了 userId 参数，则进行权限校验：管理员可查看任意用户；普通用户只能查看自己的
    if (userId !== undefined) {
      if (tokenData.role !== 'admin' && Number(tokenData.userId) !== Number(userId)) {
        ctx.status = 403;
        ctx.body = { success: false, message: '无权限访问该用户数据' };
        return;
      }
      const result = await service.route.list(Number(userId));
      ctx.body = result;
      return;
    }

    // 无 userId 参数时，默认返回当前登录用户的路线
    const result = await service.route.list(tokenData.userId);
    ctx.body = result;
  }

  // 获取单个路线详情
  async show() {
    const { ctx, service } = this;
    const id = parseInt(ctx.params.id);
    const token = ctx.request.header.authorization;
    const tokenData = service.auth.verifyToken(token);
    if (!tokenData) return ctx.body = { success: false, message: '未授权' };

    const result = await service.route.getById(id, tokenData.userId);
    ctx.body = result;
  }

  // 创建路线
  async create() {
    const { ctx, service } = this;
    const payload = ctx.request.body;
    const token = ctx.request.header.authorization;
    const tokenData = service.auth.verifyToken(token);
    if (!tokenData) return ctx.body = { success: false, message: '未授权' };

    const result = await service.route.create(tokenData.userId, payload);
    ctx.body = result;
  }

  // 更新路线
  async update() {
    const { ctx, service } = this;
    const id = parseInt(ctx.params.id);
    const payload = ctx.request.body;
    const token = ctx.request.header.authorization;
    const tokenData = service.auth.verifyToken(token);
    if (!tokenData) return ctx.body = { success: false, message: '未授权' };

    const result = await service.route.update(id, tokenData.userId, payload);
    ctx.body = result;
  }

  // 删除路线
  async destroy() {
    const { ctx, service } = this;
    const id = parseInt(ctx.params.id);
    const token = ctx.request.header.authorization;
    const tokenData = service.auth.verifyToken(token);
    if (!tokenData) return ctx.body = { success: false, message: '未授权' };

    const result = await service.route.destroy(id, tokenData.userId);
    ctx.body = result;
  }

  // 获取旅行计划下的所有路线
  async getByPlanId() {
    const { ctx, service } = this;
    const planId = parseInt(ctx.params.planId);
    const token = ctx.request.header.authorization;
    const tokenData = service.auth.verifyToken(token);
    if (!tokenData) return ctx.body = { success: false, message: '未授权' };

    const result = await service.route.getByPlanId(planId, tokenData.userId);
    ctx.body = result;
  }
}

module.exports = RouteController;